16e8490e2c833ba2e0bc6449954fa169_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16e8490e2c833ba2e0bc6449954fa169_JaffaCakes118
Size

519KB
MD5

16e8490e2c833ba2e0bc6449954fa169
SHA1

fe4390e32c11b57b8f59d01649af0454216ffe80
SHA256

847d88e71726e423084faf94e1349255714fae6a6699635112a6adcdb97acc27
SHA512

fe10d353d43bc76a48fdcf7003408001e55988e543accc863b79bcf99d15c152acad2671d5d5c456f03ccfde052811276b40a904ac4b9f2e4262d8478445b259
SSDEEP

12288:jZzt8eFUEhcl90Qa7YwtCaLANKr6RbdK3:jZQw7Ywniq6dK3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16e8490e2c833ba2e0bc6449954fa169_JaffaCakes118

Files

16e8490e2c833ba2e0bc6449954fa169_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf1e1dcfff06af6167be8d7c1bb3bbfc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ufddll_o

??1CUsblib@@UAE@XZ
?Usblib_ReadUID@CUsblib@@QAEHPAEPAU_Storage_Struct@@@Z
?Usblib_ASPICMD_Start@CUsblib@@QAEHPAE@Z
?Usblib_SPTICMD_Start@CUsblib@@QAEHPAU_Storage_Struct@@@Z
?Usblib_SCSIBusScan@CUsblib@@QAEXPAU_Storage_Struct@@@Z
?Usblib_WriteUID@CUsblib@@QAEHPAEPAU_Storage_Struct@@@Z
?Usblib_ASPICMD_Stop@CUsblib@@QAEXXZ
??0CUsblib@@QAE@XZ
?Usblib_SPTICMD_Stop@CUsblib@@QAEXPAU_Storage_Struct@@@Z

kernel32

LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
SetErrorMode
WritePrivateProfileStringA
GetCurrentDirectoryA
RtlUnwind
HeapFree
HeapAlloc
ExitProcess
GetStartupInfoA
GetCommandLineA
ExitThread
CreateThread
HeapSize
HeapReAlloc
GetACP
GetTimeFormatA
GetDateFormatA
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
TlsFree
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceA
GetModuleFileNameA
WaitForSingleObject
GetLocalTime
Sleep
CreateEventA
GetProcAddress
LoadLibraryA
DeleteFileA
FreeLibrary
OutputDebugStringA
GetVolumeInformationA
GetLogicalDrives
SetEvent
MulDiv
ResetEvent
lstrcmpiA
GetVersionExA
CloseHandle
GlobalHandle
DeleteCriticalSection
GlobalUnlock
ReadFile
GlobalLock
GlobalAlloc
GetFileSize
CreateFileA
lstrcpyA
GetEnvironmentVariableA
GetProfileStringA
TlsAlloc
InitializeCriticalSection
GetCurrentThread
GetThreadLocale
GetFullPathNameA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
DuplicateHandle
lstrcmpA
FindNextFileA
FindFirstFileA
FindClose
GlobalFree
lstrcpynA
FormatMessageA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedIncrement
SuspendThread
SetThreadPriority
InterlockedDecrement
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
LocalFree
RaiseException
InterlockedExchange
LocalAlloc
WinExec
lstrcatA
GetTickCount
GetLastError
ResumeThread
GetSystemDefaultLCID
GetDriveTypeA
CreateMutexA
SetLastError
GetCurrentThreadId
GetCurrentProcess
GetEnvironmentStringsW

user32

TranslateMessage
GetMessageA
InflateRect
CreateDialogIndirectParamA
EndDialog
CharUpperA
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
DestroyMenu
PtInRect
GetDesktopWindow
LoadCursorA
GetSysColorBrush
CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
SetWindowTextA
IsDialogMessageA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
PostMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
GetActiveWindow
CopyRect
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetDlgItem
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
RegisterWindowMessageA
IntersectRect
GetWindowPlacement
CallWindowProcA
ExitWindowsEx
GetCursorPos
LoadMenuA
GetSubMenu
OpenInputDesktop
SwitchDesktop
SetThreadDesktop
DrawIcon
LoadStringA
LoadIconA
IsIconic
GetThreadDesktop
GetUserObjectInformationA
wsprintfA
LoadBitmapA
MessageBoxExA
ReleaseDC
EnumChildWindows
SetForegroundWindow
GetClassNameA
GetWindowTextA
SystemParametersInfoA
ShowWindow
FindWindowA
ValidateRect
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ScreenToClient
MoveWindow
UnregisterHotKey
EnumWindows
IsWindowVisible
GetDC
GetSystemMetrics
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterHotKey
KillTimer
SetTimer
SendMessageA
SetCursor
GetClientRect
FillRect
OffsetRect
RedrawWindow
GetParent
UpdateWindow
GetSysColor
EnableWindow
GetWindowRect
IsWindow
InvalidateRect
LoadImageA
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
GetMenu

gdi32

GetDIBColorTable
CreateCompatibleDC
CreateHalftonePalette
GetObjectA
BitBlt
CreateSolidBrush
DeleteObject
CreateFontIndirectA
SetViewportOrgEx
GetViewportOrgEx
CreateCompatibleBitmap
GetStockObject
Rectangle
GetTextExtentPoint32A
GetDeviceCaps
GetClipBox
SetTextColor
SetBkColor
DeleteDC
SaveDC
RestoreDC
SelectObject
SetBkMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetTextExtentPointA
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
GetMapMode
PatBlt
DPtoLP
GetTextColor
GetBkColor
LPtoDP
SetTextAlign
CreateDIBitmap
CreatePalette

comdlg32

GetFileTitleA
ChooseFontA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
Shell_NotifyIconA
ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CoTaskMemAlloc
CoTaskMemFree
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoGetClassObject
OleRun
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoCreateInstance
CoRevokeClassObject

olepro32

ord253
ord251

oleaut32

VariantTimeToSystemTime
VariantCopy
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
SysAllocString
VariantClear
SysFreeString
VariantChangeType

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ordata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cf1e1dcfff06af6167be8d7c1bb3bbfc

Headers

File Characteristics

Imports

ufddll_o

kernel32

user32

gdi32

comdlg32

winspool.drv

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 284KB - Virtual size: 282KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 16KB - Virtual size: 51KB

.rsrc Size: 128KB - Virtual size: 125KB

.ordata Size: 20KB - Virtual size: 20KB

.text
Size: 284KB - Virtual size: 282KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 16KB - Virtual size: 51KB

.rsrc
Size: 128KB - Virtual size: 125KB

.ordata
Size: 20KB - Virtual size: 20KB